• 全部
  • 经验案例
  • 典型配置
  • 技术公告
  • FAQ
  • 漏洞说明
  • 全部
  • 全部
  • 大数据引擎
  • 知了引擎
产品线
搜索
取消
案例类型
发布者
是否解决
是否官方
时间
搜索引擎
匹配模式
高级搜索

S5130S-EI RADIUS 授权SSH登录问题

2025-03-26提问
  • 0关注
  • 0收藏,1075浏览
seven
seven 零段
粉丝:0人 关注:0人

问题描述:

最近想进行RADIUS授权交换机登录,故障描述:SSH连接后,RADIUS授权登录成功,客户端?服务器立马断开连接

附上交换机主要配置

#

domain ***.***

 authentication login radius-scheme sw_admin

 authorization login radius-scheme sw_admin

 accounting login radius-scheme sw_admin

#

domain system

#

 domain default enable ***.***

#

radius scheme sw_admin

 primary authentication 192.168.40.217

 primary accounting 192.168.40.217

 accounting-on enable

 key authentication cipher $c$3$1q8L3TQCP5n/fn19+TnaZJbWU5cvC8WnoIXe

 key accounting cipher $c$3$IFRp/K31l3MyTQqUkicWNsuGY3LwDGwXNeVA

 nas-ip 192.168.40.254

#

line vty 0 63

 authentication-mode scheme

 user-role network-admin

 user-role network-operator

#

并附上SSH的DEBUG

<H3C>*Jan  2 21:48:14:916 2013 H3C SSHS/7/EVENT: Start new child 1704.

*Jan  2 21:48:14:939 2013 H3C SSHS/7/EVENT: Connection from 192.168.10.1 port 59608

*Jan  2 21:48:14:943 2013 H3C SSHS/7/EVENT: Client protocol version 2.0, client software version nsssh2_8.0.0012 NetSarang Computer, Inc.

*Jan  2 21:48:14:945 2013 H3C SSHS/7/EVENT: Enabling compatibility mode for protocol 2.0

*Jan  2 21:48:14:945 2013 H3C SSHS/7/EVENT: Local version string SSH-2.0-Comware-7.1.070

*Jan  2 21:48:14:946 2013 H3C SSHS/7/EVENT: Pki-domain-name is not configure.

*Jan  2 21:48:14:946 2013 H3C SSHS/7/EVENT: Pki-domain-name is not configure.

*Jan  2 21:48:14:950 2013 H3C SSHS/7/EVENT: Hostkey string is : ssh-rsa

*Jan  2 21:48:14:951 2013 H3C SSHS/7/MESSAGE: Prepare packet[20].

*Jan  2 21:48:14:953 2013 H3C SSHS/7/MESSAGE: Received packet type 20.

*Jan  2 21:48:14:953 2013 H3C SSHS/7/EVENT: Received SSH2_MSG_KEXINIT.

*Jan  2 21:48:14:954 2013 H3C SSHS/7/EVENT: My proposal kex:

*Jan  2 21:48:14:954 2013 H3C SSHS/7/EVENT: Kex strings(0): ecdh-sha2-nistp256,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

*Jan  2 21:48:14:954 2013 H3C SSHS/7/EVENT: Kex strings(1): ssh-rsa

*Jan  2 21:48:14:955 2013 H3C SSHS/7/EVENT: Kex strings(2): aes128-ctr,aes192-ctr,aes256-ctr,AEAD_AES_128_GCM,AEAD_AES_256_GCM,aes128-cbc,3des-cbc,aes256-cbc,des-cbc

*Jan  2 21:48:14:956 2013 H3C SSHS/7/EVENT: Kex strings(3): aes128-ctr,aes192-ctr,aes256-ctr,AEAD_AES_128_GCM,AEAD_AES_256_GCM,aes128-cbc,3des-cbc,aes256-cbc,des-cbc

*Jan  2 21:48:14:956 2013 H3C SSHS/7/EVENT: Kex strings(4): hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96

*Jan  2 21:48:14:956 2013 H3C SSHS/7/EVENT: Kex strings(5): hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96

*Jan  2 21:48:14:957 2013 H3C SSHS/7/EVENT: Kex strings(6): none,zlib,zlib@openssh.com

*Jan  2 21:48:14:957 2013 H3C SSHS/7/EVENT: Kex strings(7): none,zlib,zlib@openssh.com

*Jan  2 21:48:14:957 2013 H3C SSHS/7/EVENT: Kex strings(8): 

*Jan  2 21:48:14:957 2013 H3C SSHS/7/EVENT: Kex strings(9): 

*Jan  2 21:48:14:958 2013 H3C SSHS/7/EVENT: Peer proposal kex:

*Jan  2 21:48:14:958 2013 H3C SSHS/7/EVENT: Kex strings(0): curve25519-sha256@***.***,curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c,kex-strict-c-v00@openssh.com

*Jan  2 21:48:14:958 2013 H3C SSHS/7/EVENT: Kex strings(1): ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-512,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss

*Jan  2 21:48:14:958 2013 H3C SSHS/7/EVENT: Kex strings(2): chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se,arcfour128,arcfour256

*Jan  2 21:48:14:959 2013 H3C SSHS/7/EVENT: Kex strings(3): chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se,arcfour128,arcfour256

*Jan  2 21:48:14:959 2013 H3C SSHS/7/EVENT: Kex strings(4): hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-etm@openssh.com,hmac-md5-96-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,none

*Jan  2 21:48:14:959 2013 H3C SSHS/7/EVENT: Kex strings(5): hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-etm@openssh.com,hmac-md5-96-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,none

*Jan  2 21:48:14:959 2013 H3C SSHS/7/EVENT: Kex strings(6): none

*Jan  2 21:48:14:960 2013 H3C SSHS/7/EVENT: Kex strings(7): none

*Jan  2 21:48:14:960 2013 H3C SSHS/7/EVENT: Kex strings(8): 

*Jan  2 21:48:14:960 2013 H3C SSHS/7/EVENT: Kex strings(9): 

*Jan  2 21:48:14:963 2013 H3C SSHS/7/EVENT: Kex: client->server, Encrypt: aes128-ctr, HMAC: hmac-sha2-256, Compress: none

*Jan  2 21:48:14:966 2013 H3C SSHS/7/EVENT: Kex: server->client, Encrypt: aes128-ctr, HMAC: hmac-sha2-256, Compress: none

*Jan  2 21:48:15:035 2013 H3C SSHS/7/EVENT: Expecting packet type 30.

*Jan  2 21:48:15:037 2013 H3C SSHS/7/MESSAGE: Received packet type 30.

*Jan  2 21:48:15:078 2013 H3C SSHS/7/MESSAGE: Prepare packet[31].

*Jan  2 21:48:15:087 2013 H3C SSHS/7/MESSAGE: Prepare packet[21].

*Jan  2 21:48:15:087 2013 H3C SSHS/7/EVENT: Set new keys: mode=1

*Jan  2 21:48:15:088 2013 H3C SSHS/7/EVENT: Expecting packet type 21.

*Jan  2 21:48:15:098 2013 H3C SSHS/7/EVENT: Set new keys: mode=0

*Jan  2 21:48:15:098 2013 H3C SSHS/7/MESSAGE: Received packet type 21.

*Jan  2 21:48:15:099 2013 H3C SSHS/7/EVENT: KEX done.

*Jan  2 21:48:15:100 2013 H3C SSHS/7/MESSAGE: Received packet type 5.

*Jan  2 21:48:15:101 2013 H3C SSHS/7/EVENT: Received SSH2_MSG_SERVICE_REQUEST.

*Jan  2 21:48:15:101 2013 H3C SSHS/7/MESSAGE: Prepare packet[6].

*Jan  2 21:48:17:690 2013 H3C SSHS/7/MESSAGE: Received packet type 50.

*Jan  2 21:48:17:690 2013 H3C SSHS/7/EVENT: Received SSH2_MSG_USERAUTH_REQUEST.

*Jan  2 21:48:17:690 2013 H3C SSHS/7/EVENT: Username: it01, service: ssh-connection, method: none

*Jan  2 21:48:17:692 2013 H3C SSHS/7/EVENT: PAM: initializing for "it01", service:login, domain:

*Jan  2 21:48:18:057 2013 H3C SSHS/7/EVENT: Try authentication method none.

*Jan  2 21:48:18:057 2013 H3C SSHS/7/EVENT: Get authentication methods: password

*Jan  2 21:48:18:057 2013 H3C SSHS/7/MESSAGE: Prepare packet[51].

*Jan  2 21:48:22:993 2013 H3C SSHS/7/MESSAGE: Received packet type 50.

*Jan  2 21:48:22:993 2013 H3C SSHS/7/EVENT: Received SSH2_MSG_USERAUTH_REQUEST.

*Jan  2 21:48:22:994 2013 H3C SSHS/7/EVENT: Username: it01, service: ssh-connection, method: password

*Jan  2 21:48:22:994 2013 H3C SSHS/7/EVENT: Try authentication method password.

*Jan  2 21:48:22:994 2013 H3C SSHS/7/EVENT: Password authentication and authorization.

*Jan  2 21:48:23:010 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Processing RADIUS authentication.

*Jan  2 21:48:23:011 2013 H3C RADIUS/7/EVENT: Processing AAA request data.

*Jan  2 21:48:23:011 2013 H3C RADIUS/7/EVENT: Got request data successfully, primitive: authentication.

*Jan  2 21:48:23:011 2013 H3C RADIUS/7/EVENT: Getting RADIUS server info.

*Jan  2 21:48:23:011 2013 H3C RADIUS/7/EVENT: Got RADIUS server info successfully.

*Jan  2 21:48:23:012 2013 H3C RADIUS/7/EVENT: Created request context successfully.

*Jan  2 21:48:23:012 2013 H3C RADIUS/7/EVENT: Created request packet successfully, dstIP: 192.168.40.217, dstPort: 1812, VPN instance: --(public), socketFd: 35, pktID: 203.

*Jan  2 21:48:23:012 2013 H3C RADIUS/7/EVENT: Added packet socketfd to epoll successfully, socketFd: 35.

*Jan  2 21:48:23:013 2013 H3C RADIUS/7/EVENT: Mapped PAM item to RADIUS attribute successfully.

*Jan  2 21:48:23:014 2013 H3C RADIUS/7/EVENT: Got RADIUS username format successfully, format: 1.

*Jan  2 21:48:23:014 2013 H3C RADIUS/7/EVENT: Added attribute user-name successfully, user-name: it01@***.***.

*Jan  2 21:48:23:014 2013 H3C RADIUS/7/EVENT: Filled RADIUS attributes in packet successfully.

*Jan  2 21:48:23:014 2013 H3C RADIUS/7/EVENT: Composed request packet successfully.

*Jan  2 21:48:23:015 2013 H3C RADIUS/7/EVENT: Created response timeout timer successfully.

*Jan  2 21:48:23:015 2013 H3C RADIUS/7/PACKET: 

    User-Name="it01@***.***"

    NAS-Identifier="H3C"

    Framed-IP-Address=192.168.10.1

    H3C-NAS-Port-Name="Vlan-interface40"

    NAS-Port-Type=Virtual

    Calling-Station-

    User-Password=******

    Acct-Session-

    Service-Type=Login-User

    NAS-IP-Address=192.168.40.254

    H3c-Product-

    H3c-Nas-Startup-Timestamp=1356998406

*Jan  2 21:48:23:016 2013 H3C RADIUS/7/EVENT: Sent request packet successfully.

*Jan  2 21:48:23:017 2013 H3C RADIUS/7/PACKET: 

 01 cb 00 c5 8d 43 92 ae 1c 7c 6d fa 44 2d 60 ab 

 c3 2d 7c 0f 01 0f 69 74 30 31 40 73 74 61 72 2e 

 63 6f 6d 20 05 48 33 43 08 06 c0 a8 0a 01 1a 18 

 00 00 63 a2 e6 12 56 6c 61 6e 2d 69 6e 74 65 72 

 66 61 63 65 34 30 3d 06 00 00 00 05 1f 0e 31 39 

 32 2e 31 36 38 2e 31 30 2e 31 02 12 ba 48 5b b9 

 1c ed 34 44 94 bc bd 8c 69 53 87 fa 2c 28 30 30 

 30 30 30 30 30 31 32 30 31 33 30 31 30 32 32 31 

 34 38 32 32 30 30 30 30 30 30 30 31 30 38 31 30 

 31 37 30 34 06 06 00 00 00 01 04 06 c0 a8 28 fe 

 1a 19 00 00 63 a2 ff 13 48 33 43 20 53 35 31 33 

 30 53 2d 32 38 50 2d 45 49 1a 0c 00 00 63 a2 3b 

 06 50 e2 27 06 

*Jan  2 21:48:23:017 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Sent authentication request successfully.

*Jan  2 21:48:23:017 2013 H3C RADIUS/7/EVENT: Sent request packet and create request context successfully.

*Jan  2 21:48:23:018 2013 H3C RADIUS/7/EVENT: Added request context to global table successfully.

*Jan  2 21:48:23:018 2013 H3C RADIUS/7/EVENT: Processing AAA request data.

*Jan  2 21:48:23:071 2013 H3C RADIUS/7/EVENT: Reply SocketFd recieved EPOLLIN event.

*Jan  2 21:48:23:071 2013 H3C RADIUS/7/EVENT: Received reply packet succuessfully.

*Jan  2 21:48:23:071 2013 H3C RADIUS/7/EVENT: Found request context, dstIP: 192.168.40.217, dstPort: 1812, VPN instance: --(public), socketFd: 35, pktID: 203.

*Jan  2 21:48:23:071 2013 H3C RADIUS/7/EVENT: The reply packet is valid.

*Jan  2 21:48:23:072 2013 H3C RADIUS/7/EVENT: Decoded reply packet successfully.

*Jan  2 21:48:23:073 2013 H3C RADIUS/7/PACKET: 

    Reply-Message="Switch enable access granted by PacketFence"

*Jan  2 21:48:23:073 2013 H3C RADIUS/7/PACKET: 

 02 cb 00 41 74 08 af d3 54 c0 3d 97 e5 fc 2f a4 

 18 1f 26 26 12 2d 53 77 69 74 63 68 20 65 6e 61 

 62 6c 65 20 61 63 63 65 73 73 20 67 72 61 6e 74 

 65 64 20 62 79 20 50 61 63 6b 65 74 46 65 6e 63 

 65 

*Jan  2 21:48:23:073 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Fetched authentication reply-data successfully, resultCode: 0

*Jan  2 21:48:23:074 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Received authentication reply message, resultCode: 0

*Jan  2 21:48:23:076 2013 H3C RADIUS/7/EVENT: Sent reply message successfully.

*Jan  2 21:48:23:077 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Processing RADIUS authorization.

*Jan  2 21:48:23:078 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: RADIUS Authorization successfully.

*Jan  2 21:48:23:078 2013 H3C SSHS/7/EVENT: PAM: Get work directory flash:.

*Jan  2 21:48:23:079 2013 H3C SSHS/7/EVENT: PAM: password authentication accepted for it01.

*Jan  2 21:48:23:079 2013 H3C SSHS/7/EVENT: PAM: accounting.

*Jan  2 21:48:23:080 2013 H3C SSHS/7/EVENT: PAM: account management : 0 (success)

%Jan  2 21:48:23:081 2013 H3C SSHS/6/SSHS_AUTH_SUCCESS: SSH user it01 from 192.168.10.1 port 59608 passed password authentication.

*Jan  2 21:48:23:081 2013 H3C SSHS/7/MESSAGE: Prepare packet[52].

*Jan  2 21:48:23:084 2013 H3C SSHS/7/EVENT: Entering interactive session for SSH2.

*Jan  2 21:48:23:084 2013 H3C SSHS/7/EVENT: Initiate server message dispatch, compatibility:1/0 

*Jan  2 21:48:23:087 2013 H3C SSHS/7/MESSAGE: Received packet type 90.

*Jan  2 21:48:23:087 2013 H3C SSHS/7/EVENT: Received SSH2_MSG_CHANNEL_OPEN: ctype session, rchan 0, win 32768, max 16384

*Jan  2 21:48:23:088 2013 H3C SSHS/7/EVENT: Received session request.

*Jan  2 21:48:23:088 2013 H3C SSHS/7/EVENT: Channel 0: new [server-session]

*Jan  2 21:48:23:088 2013 H3C SSHS/7/EVENT: Session id 0 unused.

*Jan  2 21:48:23:089 2013 H3C SSHS/7/EVENT: Session opened: session 0, link with channel 0

*Jan  2 21:48:23:089 2013 H3C SSHS/7/MESSAGE: Prepare packet[91].

*Jan  2 21:48:23:104 2013 H3C SSHS/7/MESSAGE: Received packet type 98.

*Jan  2 21:48:23:104 2013 H3C SSHS/7/EVENT: Received SSH2_MSG_CHANNEL_REQUEST: channel 0, request x11-req, reply 1

*Jan  2 21:48:23:104 2013 H3C SSHS/7/EVENT: Channel request: user it01, service type 1 rtype:x11-req

*Jan  2 21:48:23:104 2013 H3C SSHS/7/MESSAGE: Prepare packet[100].

*Jan  2 21:48:23:108 2013 H3C SSHS/7/MESSAGE: Received packet type 98.

*Jan  2 21:48:23:108 2013 H3C SSHS/7/EVENT: Received SSH2_MSG_CHANNEL_REQUEST: channel 0, request pty-req, reply 0

*Jan  2 21:48:23:108 2013 H3C SSHS/7/EVENT: Channel request: user it01, service type 1 rtype:pty-req

*Jan  2 21:48:23:121 2013 H3C SSHS/7/EVENT: Open pty: pseudo-terminal-master(36), pseudo-terminal-sub(34)

*Jan  2 21:48:23:123 2013 H3C SSHS/7/MESSAGE: Received packet type 98.

*Jan  2 21:48:23:124 2013 H3C SSHS/7/EVENT: Received SSH2_MSG_CHANNEL_REQUEST: channel 0, request shell, reply 0

*Jan  2 21:48:23:124 2013 H3C SSHS/7/EVENT: Channel request: user it01, service type 1 rtype:shell

*Jan  2 21:48:23:132 2013 H3C SSHS/7/EVENT: Channel 0: read_fd 38 is a TTY.

*Jan  2 21:48:23:133 2013 H3C SSHS/7/MESSAGE: Prepare packet[93].

*Jan  2 21:48:24:133 2013 H3C SSHS/7/EVENT: PAM: opening session.

*Jan  2 21:48:24:139 2013 H3C SSHS/7/EVENT: Setup environment: user=it01, work directory=flash:

*Jan  2 21:48:24:141 2013 H3C SSHS/7/EVENT: Get default work dir: flash:, return:0

%Jan  2 21:48:24:142 2013 H3C SSHS/6/SSHS_CONNECT: SSH user it01 (IP: 192.168.10.1) connected to the server successfully.

*Jan  2 21:48:24:545 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: RADIUS accounting started.

*Jan  2 21:48:24:545 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Sent accounting-start request successfully.

*Jan  2 21:48:24:546 2013 H3C RADIUS/7/EVENT: Processing AAA request data.

*Jan  2 21:48:24:546 2013 H3C RADIUS/7/EVENT: Got request data successfully, primitive: accounting-start.

*Jan  2 21:48:24:546 2013 H3C RADIUS/7/EVENT: Getting RADIUS server info.

*Jan  2 21:48:24:547 2013 H3C RADIUS/7/EVENT: Got RADIUS server info successfully.

*Jan  2 21:48:24:547 2013 H3C RADIUS/7/EVENT: Created request context successfully.

*Jan  2 21:48:24:547 2013 H3C RADIUS/7/EVENT: Created request packet successfully, dstIP: 192.168.40.217, dstPort: 1813, VPN instance: --(public), socketFd: 48, pktID: 131.

*Jan  2 21:48:24:548 2013 H3C RADIUS/7/EVENT: Added packet socketfd to epoll successfully, socketFd: 48.

*Jan  2 21:48:24:548 2013 H3C RADIUS/7/EVENT: Mapped PAM item to RADIUS attribute successfully.

*Jan  2 21:48:24:548 2013 H3C RADIUS/7/EVENT: Got RADIUS username format successfully, format: 1.

*Jan  2 21:48:24:549 2013 H3C RADIUS/7/EVENT: Added attribute user-name successfully, user-name: it01@***.***.

*Jan  2 21:48:24:551 2013 H3C RADIUS/7/EVENT: Filled RADIUS attributes in packet successfully.

*Jan  2 21:48:24:551 2013 H3C RADIUS/7/EVENT: Composed request packet successfully.

*Jan  2 21:48:24:551 2013 H3C RADIUS/7/EVENT: Created response timeout timer successfully.

*Jan  2 21:48:24:552 2013 H3C RADIUS/7/PACKET: 

    User-Name="it01@***.***"

    NAS-Identifier="H3C"

    Framed-IP-Address=192.168.10.1

    Calling-Station-

    NAS-Port-Type=Virtual

    Acct-Session-

    NAS-IP-Address=192.168.40.254

    Acct-Status-Type=Start

    Acct-Delay-Time=0

    Event-Timestamp="Jan  2 2013 21:48:24 UTC"

    H3c-Product-

    H3c-Nas-Startup-Timestamp=1356998406

*Jan  2 21:48:24:554 2013 H3C RADIUS/7/EVENT: Sent request packet successfully.

*Jan  2 21:48:24:554 2013 H3C RADIUS/7/PACKET: 

 04 83 00 a7 4c a5 1d 33 02 07 5d 51 1d b0 dc 45 

 5a 8d 19 79 01 0f 69 74 30 31 40 73 74 61 72 2e 

 63 6f 6d 20 05 48 33 43 08 06 c0 a8 0a 01 1f 0e 

 31 39 32 2e 31 36 38 2e 31 30 2e 31 3d 06 00 00 

 00 05 2c 28 30 30 30 30 30 30 30 31 32 30 31 33 

 30 31 30 32 32 31 34 38 32 34 30 30 30 30 30 30 

 30 31 30 38 31 30 31 37 30 36 04 06 c0 a8 28 fe 

 28 06 00 00 00 01 29 06 00 00 00 00 37 06 50 e4 

 ab 28 1a 19 00 00 63 a2 ff 13 48 33 43 20 53 35 

 31 33 30 53 2d 32 38 50 2d 45 49 1a 0c 00 00 63 

 a2 3b 06 50 e2 27 06 

*Jan  2 21:48:24:555 2013 H3C RADIUS/7/EVENT: Sent request packet and create request context successfully.

*Jan  2 21:48:24:556 2013 H3C RADIUS/7/EVENT: Added request context to global table successfully.

*Jan  2 21:48:24:556 2013 H3C RADIUS/7/EVENT: Processing AAA request data.

*Jan  2 21:48:24:556 2013 H3C RADIUS/7/EVENT: Reply SocketFd recieved EPOLLIN event.

*Jan  2 21:48:24:557 2013 H3C RADIUS/7/EVENT: Received reply packet succuessfully.

*Jan  2 21:48:24:557 2013 H3C RADIUS/7/EVENT: Found request context, dstIP: 192.168.40.217, dstPort: 1813, VPN instance: --(public), socketFd: 48, pktID: 131.

*Jan  2 21:48:24:557 2013 H3C RADIUS/7/EVENT: The reply packet is valid.

*Jan  2 21:48:24:558 2013 H3C RADIUS/7/EVENT: Decoded reply packet successfully.

*Jan  2 21:48:24:558 2013 H3C RADIUS/7/PACKET: 

    Reply-Message="Accounting OK"

*Jan  2 21:48:24:558 2013 H3C RADIUS/7/PACKET: 

 05 83 00 23 2e fa 31 28 d3 5a 28 83 8f 45 96 06 

 ea 9f 13 fb 12 0f 41 63 63 6f 75 6e 74 69 6e 67 

 20 4f 4b 

*Jan  2 21:48:24:559 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Fetched accounting-start reply-data successfully, resultCode: 0

*Jan  2 21:48:24:559 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Received accounting-start reply message, resultCode: 0

*Jan  2 21:48:24:560 2013 H3C RADIUS/7/EVENT: Sent reply message successfully.

*Jan  2 21:48:24:577 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: RADIUS accounting stopped.

*Jan  2 21:48:24:577 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Sent accounting-stop request successfully.

*Jan  2 21:48:24:577 2013 H3C RADIUS/7/EVENT: Processing AAA request data.

*Jan  2 21:48:24:577 2013 H3C RADIUS/7/EVENT: Got request data successfully, primitive: accounting-stop.

*Jan  2 21:48:24:578 2013 H3C RADIUS/7/EVENT: Getting RADIUS server info.

*Jan  2 21:48:24:578 2013 H3C RADIUS/7/EVENT: Got RADIUS server info successfully.

*Jan  2 21:48:24:578 2013 H3C RADIUS/7/EVENT: Created request context successfully.

*Jan  2 21:48:24:578 2013 H3C RADIUS/7/EVENT: Created request packet successfully, dstIP: 192.168.40.217, dstPort: 1813, VPN instance: --(public), socketFd: 48, pktID: 132.

*Jan  2 21:48:24:578 2013 H3C RADIUS/7/EVENT: Added packet socketfd to epoll successfully, socketFd: 48.

*Jan  2 21:48:24:578 2013 H3C RADIUS/7/EVENT: Mapped PAM item to RADIUS attribute successfully.

*Jan  2 21:48:24:579 2013 H3C RADIUS/7/EVENT: Got RADIUS username format successfully, format: 1.

*Jan  2 21:48:24:579 2013 H3C RADIUS/7/EVENT: Added attribute user-name successfully, user-name: it01@***.***.

*Jan  2 21:48:24:580 2013 H3C RADIUS/7/EVENT: Filled RADIUS attributes in packet successfully.

*Jan  2 21:48:24:580 2013 H3C RADIUS/7/EVENT: Composed request packet successfully.

*Jan  2 21:48:24:580 2013 H3C RADIUS/7/EVENT: Created response timeout timer successfully.

*Jan  2 21:48:24:582 2013 H3C RADIUS/7/PACKET: 

    User-Name="it01@***.***"

    Framed-IP-Address=192.168.10.1

    Calling-Station-

    NAS-Port-Type=Virtual

    Acct-Session-

    NAS-Identifier="H3C"

    NAS-IP-Address=192.168.40.254

    Acct-Session-Time=0

    Acct-Status-Type=Stop

    Acct-Delay-Time=0

    Event-Timestamp="Jan  2 2013 21:48:24 UTC"

    H3c-Product-

    H3c-Nas-Startup-Timestamp=1356998406

*Jan  2 21:48:24:583 2013 H3C RADIUS/7/EVENT: Sent request packet successfully.

*Jan  2 21:48:24:584 2013 H3C RADIUS/7/PACKET: 

 04 84 00 ad 36 a0 d2 9e 1c dd 1e 4a 73 56 4b 06 

 60 18 5d 12 01 0f 69 74 30 31 40 73 74 61 72 2e 

 63 6f 6d 08 06 c0 a8 0a 01 1f 0e 31 39 32 2e 31 

 36 38 2e 31 30 2e 31 3d 06 00 00 00 05 2c 28 30 

 30 30 30 30 30 30 31 32 30 31 33 30 31 30 32 32 

 31 34 38 32 34 30 30 30 30 30 30 30 31 30 38 31 

 30 31 37 30 36 20 05 48 33 43 04 06 c0 a8 28 fe 

 2e 06 00 00 00 00 28 06 00 00 00 02 29 06 00 00 

 00 00 37 06 50 e4 ab 28 1a 19 00 00 63 a2 ff 13 

 48 33 43 20 53 35 31 33 30 53 2d 32 38 50 2d 45 

 49 1a 0c 00 00 63 a2 3b 06 50 e2 27 06 

*Jan  2 21:48:24:584 2013 H3C RADIUS/7/EVENT: Sent request packet and create request context successfully.

*Jan  2 21:48:24:585 2013 H3C RADIUS/7/EVENT: Added request context to global table successfully.

*Jan  2 21:48:24:585 2013 H3C RADIUS/7/EVENT: Processing AAA request data.

*Jan  2 21:48:24:585 2013 H3C RADIUS/7/EVENT: Reply SocketFd recieved EPOLLIN event.

*Jan  2 21:48:24:585 2013 H3C RADIUS/7/EVENT: Received reply packet succuessfully.

*Jan  2 21:48:24:586 2013 H3C RADIUS/7/EVENT: Found request context, dstIP: 192.168.40.217, dstPort: 1813, VPN instance: --(public), socketFd: 48, pktID: 132.

*Jan  2 21:48:24:586 2013 H3C RADIUS/7/EVENT: The reply packet is valid.

*Jan  2 21:48:24:587 2013 H3C RADIUS/7/EVENT: Decoded reply packet successfully.

*Jan  2 21:48:24:587 2013 H3C RADIUS/7/PACKET: 

    Reply-Message="Accounting OK"

*Jan  2 21:48:24:587 2013 H3C RADIUS/7/PACKET: 

 05 84 00 23 68 a2 fe ec 30 05 32 07 be 34 05 3c 

 b3 e7 0f 7b 12 0f 41 63 63 6f 75 6e 74 69 6e 67 

 20 4f 4b 

*Jan  2 21:48:24:588 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Fetched accounting-stop reply-data successfully, resultCode: 0

*Jan  2 21:48:24:588 2013 H3C RADIUS/7/EVENT: PAM_RADIUS: Received accounting-stop reply message, resultCode: 0

*Jan  2 21:48:24:588 2013 H3C RADIUS/7/EVENT: Sent reply message successfully.

*Jan  2 21:48:24:602 2013 H3C SSHS/7/EVENT: Channel 0: read failed

*Jan  2 21:48:24:603 2013 H3C SSHS/7/EVENT: Channel 0: input state changed (open -> drain)

*Jan  2 21:48:24:603 2013 H3C SSHS/7/EVENT: Channel 0: send EOF

*Jan  2 21:48:24:603 2013 H3C SSHS/7/MESSAGE: Prepare packet[96].

*Jan  2 21:48:24:605 2013 H3C SSHS/7/EVENT: Channel 0: input state changed (drain -> closed)

*Jan  2 21:48:24:609 2013 H3C SSHS/7/MESSAGE: Received packet type 96.

*Jan  2 21:48:24:614 2013 H3C SSHS/7/EVENT: Channel 0: received EOF

*Jan  2 21:48:24:614 2013 H3C SSHS/7/EVENT: Channel 0: output state changed (open -> drain)

*Jan  2 21:48:24:614 2013 H3C SSHS/7/EVENT: Channel 0: output state changed (drain -> closed)

*Jan  2 21:48:24:615 2013 H3C SSHS/7/EVENT: Received SIGCHLD.

*Jan  2 21:48:24:615 2013 H3C SSHS/7/EVENT: Channel 0: request exit-status confirm 0

*Jan  2 21:48:24:615 2013 H3C SSHS/7/MESSAGE: Prepare packet[98].

*Jan  2 21:48:24:618 2013 H3C SSHS/7/EVENT: Release channel 0

*Jan  2 21:48:24:618 2013 H3C SSHS/7/EVENT: Close pty: pseudo-terminal-master(-1), pseudo-terminal-sub(34)

*Jan  2 21:48:24:619 2013 H3C SSHS/7/EVENT: Channel 0: send SSH2_MSG_CHANNEL_CLOSE

*Jan  2 21:48:24:620 2013 H3C SSHS/7/MESSAGE: Prepare packet[97].

*Jan  2 21:48:24:631 2013 H3C SSHS/7/MESSAGE: Received packet type 97.

*Jan  2 21:48:24:632 2013 H3C SSHS/7/EVENT: Channel 0: received SSH2_MSG_CHANNEL_CLOSE

*Jan  2 21:48:24:632 2013 H3C SSHS/7/EVENT: Close session: session 0, pid 0

*Jan  2 21:48:24:632 2013 H3C SSHS/7/EVENT: Close pty: pseudo-terminal-master(-1), pseudo-terminal-sub(-1)

*Jan  2 21:48:24:633 2013 H3C SSHS/7/EVENT: Session id 0 unused.

*Jan  2 21:48:24:633 2013 H3C SSHS/7/EVENT: Channel 0: garbage collecting

*Jan  2 21:48:24:633 2013 H3C SSHS/7/EVENT: Connection closed by 192.168.10.1

*Jan  2 21:48:24:634 2013 H3C SSHS/7/EVENT: PAM: cleanup

*Jan  2 21:48:24:648 2013 H3C SSHS/7/EVENT: Transferred: sent 1256 bytes, received 2664 bytes

%Jan  2 21:48:24:648 2013 H3C SSHS/6/SSHS_LOG: User it01 logged out from 192.168.10.1 port 59608.

%Jan  2 21:48:24:648 2013 H3C SSHS/6/SSHS_DISCONNECT: SSH user it01 (IP: 192.168.10.1) disconnected from the server.

 

 

最佳答案

无名之辈
无名之辈 九段
粉丝:187人 关注:0人

您好,根据上述分析,建议您首先检查RADIUS服务器是否正确下发了用户角色权限,并在交换机上配置默认用户角色。同时,使用调试命令查看RADIUS服务器返回的属性值,确认是否存在不匹配的Login-Service属性或计费相关问题。通过这些步骤,应该能够定位并解决SSH连接后立即断开的问题。

暂无评论

1 个回答
按时间 按赞数
zhl188
zhl188 六段
粉丝:2人 关注:3人

加上它看看

域名没有和radius关联

暂无评论

编辑答案

你正在编辑答案

如果你要对问题或其他回答进行点评或询问,请使用评论功能。

分享扩散:

提出建议

    +
网站相关
关于我们
服务条款
隐私政策
帮助中心
经验与权限
积分规则
联系我们
联系我们
建议反馈
常用链接
标杆的神器下载
关注我们
H3C官网
新华三服务公众号
安仔远程运维服务
新华三商城
内容许可
除特别说明外,用户内容均可采用知识共享署名-相同方式共享3.0中国大陆许可协议进行许可

Copyright©2025新华三集团保留一切权利 当前呈现版本 NO.1

本图标版权归新华三集团所有,仅限本社区使用,切勿用做商业目的,违者必究

浙ICP备09064986号-1   浙公网安备 33010802004416号

亲~登录后才可以操作哦!

确定

亲~检测到您登陆的账号未在http://hclhub.h3c.com进行注册

注册后可访问此模块

跳转hclhub

你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作

举报

×

侵犯我的权益 >
对根叔社区有害的内容 >
辱骂、歧视、挑衅等(不友善)

侵犯我的权益

×

泄露了我的隐私 >
侵犯了我企业的权益 >
抄袭了我的内容 >
诽谤我 >
辱骂、歧视、挑衅等(不友善)
骚扰我

泄露了我的隐私

×

您好,当您发现根叔知了上有泄漏您隐私的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您认为哪些内容泄露了您的隐私?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)

侵犯了我企业的权益

×

您好,当您发现根叔知了上有关于您企业的造谣与诽谤、商业侵权等内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到 pub.zhiliao@h3c.com 邮箱,我们会在审核后尽快给您答复。
  • 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
  • 3. 是哪家企业?(营业执照,单位登记证明等证件)
  • 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

抄袭了我的内容

×

原文链接或出处

诽谤我

×

您好,当您发现根叔知了上有诽谤您的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

对根叔社区有害的内容

×

垃圾广告信息
色情、暴力、血腥等违反法律法规的内容
政治敏感
不规范转载 >
辱骂、歧视、挑衅等(不友善)
骚扰我
诱导投票

不规范转载

×

举报说明